On Constructing Parallel Pseudorandom Generators from One-Way Functions

  • Authors:

  • Emanuele Viola

  • Affiliations:

  • Harvard University

  • Venue:
  • CCC '05 Proceedings of the 20th Annual IEEE Conference on Computational Complexity
  • Year:
  • 2005

Quantified Score

Hi-index 0.00

Visualization

Abstract

We study pseudorandom generator (PRG) constructions G^f : {0, 1}驴 驴 {0, 1}^驴+s from one-way functions f : {0, 1}^n 驴 {0, 1}^m. We consider PRG constructions of the form G^f (x) = C(f(q_1) . . . f(q_poly(n))) where C is a polynomial-size constant depth circuit (i.e. AC^0 ) and C and the q's are generated from x arbitrarily. We show that every black-box PRG construction of this form must have stretch s bounded as s \leqslant \iota\cdot (\log ^{0(1)} n)/m + 0(1) = o(\iota ). This holds even if the PRG construction starts from aone-to-one function f : {0, 1}^n 驴 {0, 1}^m where m 驴 5n. This shows that either adaptive queries or sequential computation are necessary for black-box PRG constructions with constant factor stretch (i.e. s = 驴(驴)) from one-way functions, even if the functions are one-to-one. On the positive side we show that if there is a one-way function f : {0, 1}^n 驴 {0, 1}^m that is regular (i.e. the number of preimages of f(x) depends on |x| but not on x) and computable by polynomial-size constant depth circuits then there is a PRG : {0, 1}^驴 驴 {0, 1}^驴+1 computable by polynomial-size constant depth circuits. This complements our negative result above because one-to-one functions are regular. We also study constructions of average-case hard functions starting from worst-case hard ones, i.e. hardness amplifications. We show that if there is an oracle procedure Ampf in the polynomial time hierarchy (PH) such that Ampf is average-case hard for every worst-case hard f, then there is an average-case hard function in PH unconditionally. Bogdanov and Trevisan (FOCS ý03) and Viola (CCCý03) show related but incomparable negative results.